Title :
An incident response decision support system based on CBR and ontology
Author :
Ping, Liu ; Haifeng, Yu ; Guoqing, Ma
Author_Institution :
Nat. Key Lab. of Sci. & Technol. on Inf. Syst. Security, Beijing, China
Abstract :
The similar incident has the similar incident response solution in the information security domain. This spurs us to explore successful past experiences and construct their formal representation so that we can store and share them. Case-based reasoning (CBR) and ontology are means to facilitate fulfilling the above task. This paper designs the incident response decision support system which is based on CBR and ontology. Having given the ontology representation of the security incident, according to the property of incident response an algorithm to get the best match case is presented. Two incident response instances are presented.
Keywords :
case-based reasoning; decision support systems; ontologies (artificial intelligence); security of data; case-based reasoning; incident response decision support system; information security domain; ontology; security incident; Algorithm design and analysis; Decision making; Decision support systems; Feature extraction; Information security; Ontologies; CBR; Decision support; Incident response; Ontology;
Conference_Titel :
Computer Application and System Modeling (ICCASM), 2010 International Conference on
Conference_Location :
Taiyuan
Print_ISBN :
978-1-4244-7235-2
Electronic_ISBN :
978-1-4244-7237-6
DOI :
10.1109/ICCASM.2010.5623194
